Security firm claims Mac security is “10 years behind” Microsoft

Kaspersky Lab is sounding the Mac malware alarms once again.

Not content with last week's effort to dispel the "myth" that Macs are impervious to malware, Kaspersky Lab CEO Eugene Kaspersky is sounding the Mac malware alarm again this week. During the Info Security 2012 conference, he claimed that Apple is 10 years behind Microsoft on the security front.

"I think [Apple is] ten years behind Microsoft in terms of security," Kaspersky told CBR. "For many years I've been saying that from a security point of view there is no big difference between Mac and Windows. It's always been possible to develop Mac malware, but [Flashback] was a bit different. For example, it was asking questions about being installed on the system and, using vulnerabilities, it was able to get to the user mode without any alarms."

Kaspersky suggested that OS X's relatively low incidence of malware over the last decade has caused Apple to fall behind, while the abundance of viruses, worms, and trojans targeting Windows forced Microsoft to step up its game.

There's some truth behind that thinking—Windows 7 is by far the most secure operating system Redmond has built. But Apple hasn't entirely rested on its laurels for the last ten years. The company has added malware detection to OS X, continued to remove default installs of popular exploit vectors like Flash and Java, and added features like address space layout randomization (ASLR) and sandboxing to prevent one application exploit from affecting the whole system.

The recent hubbub over the Flashback trojan has certainly raised concerns over the security of OS X, and we agree that Apple could do more to be responsive to malware threats when they are discovered. But to suggest Apple is "10 years behind" discounts the efforts it has made to secure the OS from different angles.